--- ticker: DELL company: Dell Technologies Inc. filing_type: 10-K year_current: 2024 year_prior: 2023 risks_added: 1 risks_removed: 1 risks_modified: 6 risks_unchanged: 31 source: SEC EDGAR url: https://riskdiff.com/dell/2024-vs-2023/ markdown_url: https://riskdiff.com/dell/2024-vs-2023/index.md generated: 2026-05-10 --- # Dell Technologies Inc.: 10-K Risk Factor Changes 2024 vs 2023 > Source: U.S. Securities and Exchange Commission (EDGAR) > Generated: 2026-05-10 > All data extracted directly from official filings. No hallucinated content. > **[AI-Generated Summary]** The paragraph below was produced by a language > model and may contain errors. All other content on this page is deterministically > extracted from the original SEC filing. > Dell Technologies replaced its VMware strategic relationship risk with a new risk focused on AI ethics and liability concerns, reflecting a strategic pivot away from the VMware partnership toward managing reputational exposure from AI implementation. The company substantively enhanced its disclosure on cybersecurity threats, economic conditions, and governance structure vulnerabilities, indicating increased focus on these three areas as material business risks. Of 39 total risk factors, 31 remained substantively unchanged, suggesting Dell maintained consistent risk disclosure across most operational and market-related categories. --- ## Summary | Status | Count | |--------|-------| | New risks added | 1 | | Risks removed | 1 | | Risks modified | 6 | | Unchanged | 31 | --- ## New in Current Filing: Social and ethical issues relating to the use of new and evolving technologies, such as AI, in our offerings may result in reputational harm and liability. We view our continued investment in AI and generative AI ("GAI") research and development as an opportunity to enhance our solutions, strengthen our competitive advantage, and contribute to the responsible advancement of AI and GAI technology. While we aim to do so in a responsible, legal, and ethical manner, social, ethical, regulatory, and legal issues relating to the use of AI and GAI in our offerings may result in reputational harm or liability, and may cause us to incur additional research, development, and compliance costs. As with many innovations, AI and GAI present risks that could affect their adoption and contribution to our business. If we enable or offer solutions that draw controversy due to their perceived or actual impact on society, we may experience brand or reputational harm, competitive harm, or legal liability. Potential government regulation related to AI and GAI use and ethics also may increase the burden and cost of research and development and delay implementation of these technologies. --- ## No Match in Current: We may not achieve the intended benefits of our continuing strategic relationship with VMware. *This section from the 2023 filing does not have a high-confidence textual match in 2024. It may have been removed, merged, or substantially reworded.* On November 1, 2021, upon completion of the VMware Spin-off, the businesses of VMware were separated from our remaining businesses, and we and VMware entered into various agreements that govern our current relationship. Among those agreements, a commercial framework agreement provides a framework under which we and VMware are continuing our strategic relationship, particularly with respect to projects we and VMware believe have the potential to accelerate the growth of the industry, product, service, or platform that may provide one or both of our companies with a strategic market opportunity. We may not obtain the benefits we seek from a continuation of our strategic relationship with VMware under the commercial framework agreement and other arrangements. In addition to a potential for business disruption, the VMware Spin-off could cause our customers to delay or defer decisions to purchase products or renew contracts, or cause them to end their relationships with us, which could have a material adverse effect on our business, financial condition, results of operations, or cash flows. --- ## Modified: Adverse global economic conditions may harm our business and result in reduced net revenue and profitability. **Key changes:** - Reworded sentence: "Adverse economic conditions may negatively affect customer demand, and could result in postponed or decreased spending amid customer concerns over unemployment or slowing demand for their products, reduced asset values, volatile energy costs, the availability and cost of credit, and the stability and solvency of financial institutions, financial markets, businesses, local and state governments, and sovereign nations." **Prior (2023):** As a global company with customers operating in a broad range of businesses and industries, our performance is affected by global economic conditions and the demand for technology products and services in international markets. Adverse economic conditions may negatively affect customer demand, and could result in postponed or decreased spending amid customer concerns over unemployment or slowing demand for their products, reduced asset values, volatile energy costs, geopolitical issues, the availability and cost of credit, and the stability and solvency of financial institutions, financial markets, businesses, local and state governments, and sovereign nations. Weak or unstable global economic conditions, including those attributable to international conflicts, such as the conflict in Ukraine, international trade protection measures and disputes, such as those between the United States and China, or public health issues, such as those resulting from the coronavirus disease 19 ("COVID-19"), also could harm our business by contributing to product shortages or delays, supply chain disruptions, insolvency of key suppliers, customer and counterparty insolvencies, increased product costs and associated price increases, reduced global sales, and other adverse effects on our operations. Any such effects could have a negative impact on our net revenue and profitability. **Current (2024):** As a global company with customers operating in a broad range of businesses and industries, our performance is affected by global economic conditions and the demand for technology products and services in international markets. Adverse economic conditions may negatively affect customer demand, and could result in postponed or decreased spending amid customer concerns over unemployment or slowing demand for their products, reduced asset values, volatile energy costs, the availability and cost of credit, and the stability and solvency of financial institutions, financial markets, businesses, local and state governments, and sovereign nations. In Fiscal 2024, global economic uncertainty adversely affected the demand for our products and services as some of our larger customers exhibited increased caution in their IT spending. Factors contributing to weak or unstable global economic conditions, including those attributable to geopolitical volatility (such as ongoing military conflicts in Ukraine and the Middle East and tensions across the Taiwan Strait), international trade protection measures and disputes, such as those between the United States and China, or public health issues such as the coronavirus pandemic also could harm our business by contributing to product shortages or delays, supply chain disruptions, insolvency of key suppliers, customer and counterparty insolvencies, increased product costs and associated price increases, reduced global sales, and other adverse effects on our operations. Any such effects could have a negative impact on our net revenue and profitability. --- ## Modified: Our multi-class common stock structure with different voting rights may adversely affect the trading price of the Class C Common Stock. **Key changes:** - Reworded sentence: "Because of these disparate voting rights, Michael Dell and the Susan Lieberman Dell Separate Property Trust (the "MD stockholders") and certain investment funds affiliated with Silver Lake Partners (the "SLP stockholders") collectively held common stock representing approximately 94.0% of the total voting power of our outstanding common stock as of March 18, 2024." **Prior (2023):** Each share of our Class A Common Stock and each share of our Class B Common Stock has ten votes, while each share of our Class C Common Stock has one vote. Because of these disparate voting rights, Michael Dell and the Susan Lieberman Dell Separate Property Trust (the "MD stockholders") and certain investment funds affiliated with Silver Lake Partners (the "SLP stockholders") collectively held common stock representing approximately 95.2% of the total voting power of our outstanding common stock as of February 3, 2023. The limited ability of holders of the Class C Common Stock to influence matters requiring stockholder approval may adversely affect the market price of the Class C Common Stock. In addition, in recent years, FTSE Russell and S&P Dow Jones changed their eligibility criteria to exclude new companies with multiple classes of shares of common stock from being added to certain stock indices. FTSE Russell instituted a requirement that new and, beginning in September 2022, existing constituents of its indices have greater than 5% of their voting rights in the hands of public stockholders, as calculated by FTSE Russell, whereas S&P Dow Jones announced that companies with multiple 28 28 28 Table of Contents Table of Contents share classes, such as Dell Technologies, will not be eligible for inclusion in the S&P 500, S&P MidCap 400, and S&P SmallCap 600, which together make up the S&P Composite 1500. Other major stock indices might adopt similar requirements in the future. FTSE Russell's determination may change at any time. Under the current criteria, at a minimum, our multi-class capital structure makes our Class C Common Stock ineligible for inclusion in specified S&P Dow Jones indices, including those making up the S&P Composite 1500, and, as a result, mutual funds, exchange-traded funds, and other investment vehicles that track these indices will not invest in the Class C Common Stock. It is unclear what effect, if any, exclusion from any indices has on the valuations of the affected publicly-traded companies. It is possible that such policies may depress the valuations of public companies excluded from such indices compared to valuations of companies that are included. **Current (2024):** Each share of our Class A Common Stock and each share of our Class B Common Stock has ten votes, while each share of our Class C Common Stock has one vote. Because of these disparate voting rights, Michael Dell and the Susan Lieberman Dell Separate Property Trust (the "MD stockholders") and certain investment funds affiliated with Silver Lake Partners (the "SLP stockholders") collectively held common stock representing approximately 94.0% of the total voting power of our outstanding common stock as of March 18, 2024. The limited ability of holders of the Class C Common Stock to influence matters requiring stockholder approval may adversely affect the trading price of the Class C Common Stock. Because of our multi-class share structure, we have been and will likely continue to be excluded from certain stock indices. FTSE Russell has changed its eligibility criteria to exclude certain companies with multiple classes of shares of common stock from being added to some of its stock indices. Under the current criteria, new and, beginning in September 2022, existing constituents of its indices must have greater than 5% of their voting rights in the hands of public stockholders, as calculated by FTSE Russell. Previously, S&P Dow Jones also had excluded companies with multiple share classes, such as Dell Technologies, from its indices, including the S&P 500, S&P MidCap 400, and S&P SmallCap 600, which together make up the S&P Composite 1500. In April 2023, S&P Dow Jones reversed this policy and announced that companies with multi-class capital structures will again be eligible for inclusion on its indices. We cannot be sure that such policy, or the policies of other indices, will not change further and make us ineligible for inclusion in the S&P Composite 1500, or other indices, in the future. After this rule change by the S&P Dow Jones, the Russell 2000 continues to have, and other indices may have, limitations on inclusion based on multiple share class structures. It is unclear what effect, if any, exclusion from any indices has on the valuations of the affected publicly-traded companies. It is possible that such policies may depress the valuations of public companies excluded from such indices compared to valuations of companies that are included. --- ## Modified: Cyber-attacks and other security incidents that disrupt our operations or result in a network intrusion, breach or loss, or other compromise of proprietary or confidential information about us or our workforce, customers, partners, or third parties could negatively affect our business, harm our reputation, cause us to lose clients and expose us to costly regulatory enforcement and litigation. **Key changes:** - Reworded sentence: "We routinely receive, collect, manage, store, transmit, and otherwise process large amounts of proprietary information and confidential data, including personally identifiable and other sensitive information, relating to our operations, products, partners, and customers." - Reworded sentence: "In the past, we have been targeted by criminal and other threat actors that attempted cyber-attacks of our systems and networks." - Reworded sentence: "The mitigation techniques they deploy may be ineffective or result in adverse performance, system instability, or data loss, and may not always be available, or available on a timely basis." - Reworded sentence: "Failure to comply with internal security policies and standards, including secure development lifecycle practices, or to prevent or promptly mitigate security vulnerabilities in our products and offerings may adversely affect our brand and reputation and subject us to government investigations, regulatory enforcement actions, litigation, and potential liability resulting from our inability to fulfill our contractual obligations to our customers and partners." **Prior (2023):** We routinely manage, store, transmit and otherwise process large amounts of proprietary information and confidential data, including sensitive and personally identifiable information, relating to our operations, products, and customers. We face numerous evolving cyber threats of significant scale, volume, severity, and complexity, making it increasingly difficult to defend against security incidents successfully or to implement adequate preventative measures. Despite our internal controls and significant and ongoing investment in security measures, criminal or other unauthorized threat actors, including nation states or state-sponsored organizations, may be able to penetrate our security defenses, breach our information technology systems, misappropriate or compromise confidential and proprietary information of our company or our customers, cause system disruptions and shutdowns, or introduce ransomware, malware, or vulnerabilities into our products, systems, and networks or those of our customers and partners. Employees, contractors, or other insiders may introduce vulnerabilities into our environments or otherwise may seek to misappropriate our intellectual property and proprietary information. The shift to work-from-home and flexible work arrangements following the COVID-19 pandemic may increase our vulnerability, as employees and contractors of our company and third-party providers are working remotely and using home networks that may pose a significant risk to network, data, and cyber security. In addition, our business may be adversely affected by cyber-attacks and data thefts resulting from ongoing wars and geopolitical conflicts. In the past, we have experienced security incidents, including the unauthorized activity on our network attempting to extract Dell.com customer information we disclosed in November 2018. The costs to address cyber risks, both before and after a security incident, could be significant, regardless of whether incidents result from an attack on us directly or on third-party vendors upon which we rely. Our customers, partners, and third-party vendors continue to experience security incidents of varying severity, including, but not limited to, increased ransomware attacks, network intrusions, and unauthorized data exfiltration, which have directly and indirectly impacted our operations in the past. Targeted cyber-attacks or those that may result from a security incident directed at a third-party vendor could compromise our internal systems, products, services, and offerings, and the systems of our customers, resulting in interruptions, delays, or 21 21 21 Table of Contents Table of Contents cessation of service that could disrupt business operations for us and our customers. Our proactive measures and remediation efforts may not be successful or timely. In addition, breaches of our security measures, including through the use and the unapproved dissemination of proprietary information or sensitive or confidential data about us, our customers, or other third parties, could impair our intellectual property rights and expose us, our customers, or such other third parties to a risk of loss or misuse of such information or data. Any such incidents also could subject us to government investigations and regulatory enforcement actions, litigation, potential liability, and damage to our brand and reputation, or otherwise harm our business and operations. Hardware, software, and applications that we produce or procure from third parties also may contain defects in design or manufacture or other deficiencies, including security vulnerabilities that could interfere with the operation or security of our products, services, and offerings. In the event of a security vulnerability or other flaws in third-party components or software code, we may have to rely on multiple third parties to mitigate vulnerabilities. Such mitigation techniques may be ineffective or may result in adverse performance, system instability or data loss, and may not always be available, or available on a timely basis. Any actual or perceived security vulnerabilities in our products or services, or those of third-party products we sell, could lead to loss of existing or potential customers, and may impede our sales, manufacturing, distribution, outsourcing services, information technology solutions, and other critical functions and offerings. Failure to prevent or promptly mitigate security vulnerabilities may adversely affect our brand and reputation and subject us to government investigations, regulatory enforcement actions, litigation and potential liability resulting from our inability to fulfill our contractual obligations to our customers and partners. As a global enterprise, we are subject to an increasing number of laws and regulations in the United States and numerous other countries relating to the collection, use, residency, transfer, and protection of data, including customer data, and other sensitive, confidential, and proprietary information. Our ability to execute transactions and to process and use personal information and other data in the conduct of our business, the operation of our products and offers, and the provision of services to our customers subjects us to increased obligations to comply with applicable laws and regulations and may require us to notify regulators, customers, employees, or other third parties of our data processing and data transfer activities, as well as provide notification and disclosure of security incidents and data or privacy breaches. The rapid evolution and increased adoption of artificial intelligence ("AI") technologies and our obligations to comply with emerging AI laws and regulations may require us to develop additional AI-specific governance programs. We continue to incur significant expenditures to comply with mandatory privacy, security, data protection and localization requirements imposed by law, regulation, industry standards and contractual obligations. Despite such expenditures, we may face regulatory and other legal actions, including potential liability or the inability to conduct business or sell our products or offers in a specific jurisdiction, in the event of a security incident or data or privacy breach or perceived or actual non-compliance with such regulatory requirements and controls. **Current (2024):** We routinely receive, collect, manage, store, transmit, and otherwise process large amounts of proprietary information and confidential data, including personally identifiable and other sensitive information, relating to our operations, products, partners, and customers. We face numerous sophisticated and evolving cyber threats of significant scale, volume, severity, and complexity, including threats specifically designed for or directly targeted at us, making it increasingly difficult to defend against security incidents successfully or to implement adequate preventative measures. 20 20 20 Table of Contents Table of Contents Despite our cybersecurity governance and investment in controls and security measures, criminal or other unauthorized threat actors, including nation states and state-sponsored organizations, pose a significant risk of penetrating or bypassing our security defenses, breaching our information technology systems, and misappropriating, breaching, or compromising confidential and proprietary information of our company, our partners, or our customers, causing system disruptions and shutdowns, or introducing ransomware, malware, or vulnerabilities into our products, systems, and networks or those of our customers and partners. We also face a risk that employees, contractors, or other insiders, particularly those with connectivity to our systems, may introduce vulnerabilities into our environments, facilitate a cybersecurity attack, or take actions to misappropriate our intellectual property and proprietary information. Continued work-from-home and flexible work arrangements further increase our risk, as employees and contractors of our company and third-party providers are working remotely and using home networks that may pose an increased risk to our networks, data, and cybersecurity. In addition, our business may be adversely affected by cyber-attacks and data thefts resulting from ongoing wars and geopolitical conflicts. In the past, we have been targeted by criminal and other threat actors that attempted cyber-attacks of our systems and networks. These attacks are common in our industry for companies of our size and can include such malicious techniques as ransomware, network intrusions, exploitation of zero-day vulnerabilities, distributed denial of service, man-in-the-middle, phishing, vishing, domain name system spoofing, password spraying and other credential attacks, structural query language injection, and malware. The costs associated with cybersecurity tools and infrastructure and competition for scarce cybersecurity and IT resources have at times limited, and may in the future limit, our ability to efficiently identify, eliminate, or remediate cybersecurity or other security vulnerabilities or problems or enact changes to minimize the attack surface of our network. While our security systems and controls have successfully protected us against, and mitigated the impacts of, many attacks of this nature, we have experienced security incidents that negatively affected our business and expect that we will experience similar incidents in the future. The costs to address cybersecurity risks, both before and after a security incident, could be significant, regardless of whether incidents result from an attack on us directly, on customers we service, or on partners or third-party vendors upon which we rely. Our customers, partners, and third-party vendors continue to experience security incidents of varying severity, including, among others, ransomware attacks, network intrusions, and exploitations of product and software security vulnerabilities. These parties also possess or transmit our proprietary information and confidential data, including personal data, personally identifiable information, and other sensitive information, which may be exfiltrated if they are impacted by a security incident. Targeted cyber-attacks or those that result from a security incident directed at a partner or third-party vendor create a risk of compromise to our internal systems, products, services, and offerings, as well as the systems of our customers, which could result in interruptions, delays, or cessation of service that could disrupt business operations for us and our customers. Our proactive measures and remediation efforts are not always successful or timely. In addition, breaches of our security measures, including through the use and the unapproved dissemination of proprietary information or sensitive or confidential data about us, our customers, partners or other third parties, could impair our intellectual property rights and expose us, our customers, partners, or such other third parties to a risk of loss or misuse of such information or data. Any such incidents could subject us to government investigations and regulatory enforcement actions, litigation, potential liability, and damage to our brand and reputation, or otherwise harm our business and operations. Hardware, software, and applications that we produce or procure from third parties also may contain defects in design or manufacture or other deficiencies, including security vulnerabilities that could interfere with the operation or security of our products, services, and offerings. In the event of a security vulnerability or other flaws in third-party components or software code, we may have to rely on multiple third parties to mitigate vulnerabilities. The mitigation techniques they deploy may be ineffective or result in adverse performance, system instability, or data loss, and may not always be available, or available on a timely basis. Any actual or perceived security vulnerabilities in our products or services, or those of third-party products we sell, could lead to loss of existing or potential customers, and may impede our sales, manufacturing, distribution, outsourcing services, information technology solutions, and other critical functions and offerings. Failure to comply with internal security policies and standards, including secure development lifecycle practices, or to prevent or promptly mitigate security vulnerabilities in our products and offerings may adversely affect our brand and reputation and subject us to government investigations, regulatory enforcement actions, litigation, and potential liability resulting from our inability to fulfill our contractual obligations to our customers and partners. 21 21 21 Table of Contents Table of Contents As a global enterprise, we are subject to compliance risks under a significant and increasing number of laws and regulations in the United States, the European Union, China, and numerous other countries relating to cybersecurity, product and software supply chain security, and the collection, use, residency, transfer, and protection of data, including customer data, and other personal, sensitive, confidential, and proprietary information. Such information security, data protection, and privacy laws and regulations continue to evolve and may be interpreted and applied differently in different jurisdictions, making it difficult to determine how they may develop and apply to us. Our execution of transactions and processing and use of customer data, including personal data and personal identifiable information and other data in the conduct of our business, the operation of our products and offerings, and the provision of services to our customers subject us to increased obligations to comply with applicable laws and regulations and may require us to notify regulators, customers, employees, or other third parties of our data processing and data transfer activities, cybersecurity and data protection practices, as well as to provide notification and disclosure of security incidents and data or privacy breaches. We also face the increasing cost of disparate global regulatory compliance obligations and potential enforcement activities and litigation action in the event we experience a significant disruption of our operations or breach, loss, or other compromise of proprietary or confidential information as a result of a cyber-attack or insider activity. While we continue to incur significant expenditures to comply with mandatory privacy, security, data protection and localization requirements imposed by law, regulation, industry standards and contractual obligation, we may fail to comply fully with these requirements. Any such non-compliance could adversely affect our ability to conduct business or sell our products or offerings in a specific jurisdiction or result in fines or penalties that could impact our financial results. --- ## Modified: We may not continue to pay cash dividends or to pay cash dividends at the same rate as announced in March 2024. **Key changes:** - Reworded sentence: "Our payment of cash dividends, as well as the rate at which we pay dividends, is solely at the discretion of our Board of Directors." - Reworded sentence: "32 32 32 Table of Contents Table of Contents" **Prior (2023):** Our payment of dividends, as well as the rate at which we pay dividends, is solely at the discretion of our Board of Directors. Further, dividend payments, if any, are subject to our financial results and the availability of statutory surplus to pay dividends. These factors could result in a change to our current dividend policy. 31 31 31 Table of Contents Table of Contents **Current (2024):** Our payment of cash dividends, as well as the rate at which we pay dividends, is solely at the discretion of our Board of Directors. Further, dividend payments, if any, are subject to our financial results and the availability of statutory surplus to pay dividends. These factors could result in a change to our current dividend policy. 32 32 32 Table of Contents Table of Contents --- ## Modified: Natural disasters, terrorism, armed hostilities, or public health issues could harm our business. **Key changes:** - Reworded sentence: "Natural disasters, terrorism or armed hostilities, such as the war between Russia and Ukraine, the conflict in the Middle East, or tensions across the Taiwan Strait, or public health issues, such as those that have resulted from the coronavirus pandemic, whether in the United States or in other countries, could cause damage or disruption to us or our suppliers and customers, or could create political or economic instability, any of which impacts could harm our business." - Removed sentence: "The COVID-19 pandemic negatively impacted the global economy, disrupted global supply chains, created significant volatility and disruption in financial markets, and, at times, increased unemployment levels." - Removed sentence: "In addition, the pandemic resulted in temporary closures of many businesses and the institution of various lockdown orders and sheltering in place requirements around the world." - Removed sentence: "The effects of COVID-19 adversely impacted aspects of our business over the last three fiscal years." - Removed sentence: "The full impact of COVID-19 or any other widespread public health issue on our financial condition and results of operations will depend on the duration and scope of an outbreak (including the emergence or re-emergence of variants and their transmissibility, and the success of vaccination programs and treatments), its impact on our consumers and our partners, how quickly normal economic conditions, operations, and the demand for our services and products can resume, and any permanent behavioral changes which the pandemic or other public health issue may cause." **Prior (2023):** Natural disasters, terrorism or armed hostilities, such as the war between Russia and Ukraine, or public health issues, such as those resulting from the COVID-19 pandemic, whether in the United States or in other countries, could cause damage or disruption to us or our suppliers and customers, or could create political or economic instability, any of which impacts could harm our business. Any such events could cause a decrease in demand for our products, make it difficult or impossible to deliver products or for suppliers to deliver components, and create delays and inefficiencies in our supply chain. The COVID-19 pandemic negatively impacted the global economy, disrupted global supply chains, created significant volatility and disruption in financial markets, and, at times, increased unemployment levels. In addition, the pandemic resulted in temporary closures of many businesses and the institution of various lockdown orders and sheltering in place requirements around the world. The effects of COVID-19 adversely impacted aspects of our business over the last three fiscal years. The full impact of COVID-19 or any other widespread public health issue on our financial condition and results of operations will depend on the duration and scope of an outbreak (including the emergence or re-emergence of variants and their transmissibility, and the success of vaccination programs and treatments), its impact on our consumers and our partners, how quickly normal economic conditions, operations, and the demand for our services and products can resume, and any permanent behavioral changes which the pandemic or other public health issue may cause. These conditions and impacts are highly uncertain and cannot be predicted. **Current (2024):** Natural disasters, terrorism or armed hostilities, such as the war between Russia and Ukraine, the conflict in the Middle East, or tensions across the Taiwan Strait, or public health issues, such as those that have resulted from the coronavirus pandemic, whether in the United States or in other countries, could cause damage or disruption to us or our suppliers and customers, or could create political or economic instability, any of which impacts could harm our business. Any such events could cause a decrease in demand for our products, make it difficult or impossible to deliver products or for suppliers to deliver components, and create delays and inefficiencies in our supply chain. --- ## Modified: Our failure to achieve our ESG goals and initiatives, comply with ESG legal standards or meet the expectations of our stakeholders regarding our ESG activities could harm our reputation, adversely affect our business, and expose us to regulatory proceedings and litigation. **Key changes:** - Reworded sentence: "We make statements about our ESG goals and initiatives through our SEC filings, our annual ESG report, our other non-financial reports, information provided on our website, press statements and other communications." - Reworded sentence: "Any failure, or perceived failure, by us to achieve our goals, further our initiatives, adhere to our public statements, comply with federal, state, or international ESG laws and regulations, or meet evolving and varied stakeholder expectations could harm our reputation, adversely affect our business, financial condition or results of operations, and expose us to liabilities under regulatory proceedings or litigation instituted in the United States or in other countries." **Prior (2023):** Many governments, regulators, investors, employees, customers, and other stakeholders are increasingly focused on environmental, social and governance ("ESG") considerations relating to businesses, including climate change and greenhouse gas emissions, human and civil rights, and diversity and inclusion. We make statements about our environmental, social and governance goals and initiatives through our SEC filings, our annual ESG report, our other non-financial reports, information provided on our website, press statements and other communications. Responding to these ESG considerations and implementation of these goals and initiatives involves risks and uncertainties, requires investments, and depends in part on third-party performance or data that is outside our control. We cannot guarantee that we will achieve our announced ESG goals and initiatives. In addition, some stakeholders may disagree with our goals and initiatives. Any failure, or perceived failure, by us to achieve our goals, further our initiatives, adhere to our public statements, comply with federal, state, or international ESG laws and regulations, or meet evolving and varied stakeholder expectations and standards could result in legal and regulatory proceedings against us and materially adversely affect our business, reputation, results of operations, and financial condition. **Current (2024):** Many governments, regulators, investors, employees, customers, and other stakeholders are increasingly focused on environmental, social and governance ("ESG") considerations relating to businesses, including climate change and greenhouse gas emissions, human and civil rights, and diversity and inclusion. We make statements about our ESG goals and initiatives through our SEC filings, our annual ESG report, our other non-financial reports, information provided on our website, press statements and other communications. Responding to these ESG considerations and implementation of these goals and initiatives involves risks and uncertainties, requires investments, and depends in part on third-party performance or data that is outside our control. We cannot guarantee that we will achieve our announced ESG goals and initiatives. In addition, some stakeholders may disagree with our goals and initiatives. Any failure, or perceived failure, by us to achieve our goals, further our initiatives, adhere to our public statements, comply with federal, state, or international ESG laws and regulations, or meet evolving and varied stakeholder expectations could harm our reputation, adversely affect our business, financial condition or results of operations, and expose us to liabilities under regulatory proceedings or litigation instituted in the United States or in other countries. We are or soon will be obligated to comply with new climate-related reporting requirements. Sustainability reporting frameworks may require us to provide detailed public disclosures about the greenhouse gas emissions and other climate-related effects our activities produce, the climate-related operating and financial risks we face, and the strategies we pursue to reduce and adapt to the impacts of climate change. We expect to incur substantial costs to prepare these disclosures. If we fail to compile, assess, and report the required information in a timely manner and in accordance with mandatory reporting standards, we could be exposed to fines and other sanctions. --- *Data sourced from SEC EDGAR. Last updated 2026-05-10.*